Crosslinks is grateful to all those who support our work. We value your partnership in the gospel as we take God’s word to God’s world. We are committed to serving you by ensuring that any personal data you share with us is protected and used in a way that you would reasonably expect.

This privacy policy sets out how we use your personal data and states your individual rights in accordance with UK legislation, including the General Data Protection Regulation (GDPR) and Data Protection Act (2018) to which Crosslinks is wholly committed.

Crosslinks is a company limited by guarantee. Registered Company No. 00193144. Registered Charity No. 1164474. Registered Office: 251 Lewisham Way, London SE4 1XF.

How we collect personal information

Personal information is any data that may be used to identify you. We only collect the data we need to carry out our work. We collect this information in the following ways:

  • Information you share with us directly: such as sending us an email or letter, making a donation online, visiting our website, subscribing to a mailing list or attending an event.
  • Information you share with us indirectly: for example, when you donate using a service that Crosslinks is linked to (e.g. CAF, Stewardship).
  • Information from publicly available sources such as The Charity Commission or Companies House.

Please note that you can opt out of this processing at any time, or change the details we hold for you, by contacting us using the details at the bottom of this policy.

The information we collect may include your:

  • title and name
  • postal address, email address, phone number
  • date of birth (for example, if you apply for an overseas trip or sign up as a member)
  • church name

If you make a donation or set up a standing order/Direct Debit, we will use your details to record and process these donations, to send a receipt or annual thank you letter and to request a Gift Aid Declaration. Information collected will include donation details and may include bank account details (including any debit or credit card details) and your Gift Aid status. See ‘How we keep your data safe’ below for information on how we store this information.

Our website’s use of cookies cannot be used to identify you, but we do use Google Analytics to help us understand how our website is being used. You can opt-out of this processing when you visit the website. Please see ‘Website cookies’ below for more details.

Special category data

There may be times when we need to ask you for further information, such as when you apply for a job or take part in a short-term deployment. Data protection law recognises this as Special Category Data and may include information concerning your health, ethnicity and religious beliefs.

We only collect sensitive personal information if there is a clear and legal reason for doing so. We will ask for your consent and take additional steps to safeguard this kind of data. We may need to share this information with our trusted partners overseas in order to ensure the safe running of your trip. We will let you know which information would be shared and gain your prior consent for doing so. We may also use a trusted external provider to assist us with your application, for example to undertake a medical or psychological evaluation.

How we use your information

We may use your information to:

  • Process your donation and send you receipt letters.
  • Send you news and updates about a particular mission partner who you request to hear from.
  • Send you information about our work in general, such as resources, opportunities and events which may be of interest to you.
  • Ask for financial support or to pray for our work.
  • Conduct internal research to aid our understanding of and service to our supporters. From time to time we may ask you to complete a survey about your experience of Crosslinks, to help us improve our communications.
  • Meet legal requirements or in an emergency to protect life (see ‘The legal bases for using your information’ below), or to notify you about significant changes to our privacy policy.
  • Send you important information as part of being a Member or Friend of Crosslinks.

We keep a record of the correspondence you have with us, as well as keeping records of donations and your Gift Aid status.

We will seek the consent from a parent or guardian before holding data on children. We will not send any communications to your child unless you have given your specific consent for a particular purpose, such as information about their gap year placement.

Crosslinks membership

Members are an important part of Crosslinks as those who most keenly support our work in prayer, in regular giving and by being ambassadors for us in their local church. Members elect trustees, can stand for election to the board of trustees themselves and vote on any changes to Crosslinks at our Annual General Meeting.

When signing up to become a member, we will ask for demographic information to understand more about you, such as your date of birth and occupation. We also ask our members to sign our statement of faith. Our trustees are given this information to approve new members on a regular basis.

How we keep your data safe

Keeping your information safe is of utmost importance to us. We have a number of administrative and technological safeguards in place to ensure your data is stored securely, to prevent unauthorised access or disclosure. This includes the physical security measures in place at our offices and the security software on our computer system. Members of staff who have access to your information are fully conversant with our data protection policies and procedures. Furthermore, we limit the number of staff who have access to sensitive information.

To keep our records up-to-date and to thereby maintain effective gospel partnerships, we may share with mission workers the relevant contact details of those who are on their prayer letter distribution lists. Mission workers are fully conversant in Crosslinks’ data protection policies and will not share your details with anybody outside of Crosslinks.

We will never sell your personal information to any other organisation. Where we use trusted external companies, such as a mailing house (Yeomans) or email platform (Mailchimp), to send you our communications, we remain responsible for your information and use security measures, such as passwords, to ensure the safety of your data. See ‘Sharing your information’ below for more.

Donations given by credit or debit card are handled securely by our trusted payment processors, Lloyds Bank Cardnet. Both Crosslinks and Cardnet are compliant with the Payment Card Industry Data Security Standard. We do not store your credit or debit card details but may hold bank account details for the purpose of administering Direct Debits or standing orders.

Sharing your information

In order to serve our supporters and fulfil our charitable objectives efficiently, we use trusted external suppliers and may need to share data with them on a limited basis. For example, we may use a mailing house or an email provider to send our publications to you. In order to receive a donation from you, we may need to share your information and bank details with a payment processor and to reclaim Gift Aid we will need to share relevant information with HMRC.

We only share information which is necessary and limited to fulfil that purpose. These external companies can only use your data for that reason and must delete your data when the purpose has been fulfilled.

In order for a mission worker to know about a donation you have given for their support, we may share your name, contact details and the value of gift you have given to their fund. If you do not wish for them to know about your gift(s), you can ask us to anonymise your record. This will mean that mission partners cannot see your name alongside the gift(s) you have made. You can do this by emailing us. Your details and donation history will still be accessible to office staff for legitimate purposes.

We will never share or sell your personal information to any other organisation for their marketing or other purposes.

How long we will keep your personal information

We will only keep your personal information for as long as the relevant purpose requires. When your information is no longer required, we will ensure it is deleted or destroyed in a secure manner. Some retention periods are determined by legal requirements, others by best practice. Some of our retention periods are:

  • 1 year after an unsuccessful application to work or volunteer.
  • 3 years after our last engagement or communication with a supporter.
  • 6 years after retirement or resignation as a member of staff or volunteer.
  • 7 years after a supporter’s last donation or Gift Aid declaration.

Please get in touch using the details below if you have any questions about our data retention policy.

The legal bases for processing your information

Consent
If you would like to receive communications from us, such as prayer letters or Crosslinks literature, we will ask you for your consent. You can withdraw your consent at any time (see ‘Updating your information and preferences’ below) and we will provide opportunities for you to opt-out of communications and review your preferences. When using the website you will have the option to consent to our use of cookies (see ‘Website cookies’ below).

Legitimate interests
We will continue to communicate with our existing prayer and financial supporters who have requested these communications in the past. All our communications will give supporters the opportunity to opt-out at any time and you can change your preferences by contacting us using the details below.

We may use your information to provide you with information that we believe will be of interest to you, or to meet our charitable objectives. This may include sending you a donation receipt or pledge confirmation, contacting you about events, news or resources, or for a new Gift Aid declaration.

We complete Legitimate Interests Assessments to ensure that we do not use your information in ways that you would not reasonably expect us to and to make sure our processes will never override your rights.

Legal obligation
We may need to process your data to comply with a legal obligation or statutory requirement. For example, to comply with finance regulations.

Vital interest
In a critical situation, for example if your child takes part in a Crosslinks camp and requires emergency medical attention, we may need to share your information with the emergency services.

Website cookies

Like many websites, www.crosslinks.org makes use of cookies. A cookie is a text–only string of information that passes to your computer through your web browser so that the website can remember who you are. Our website cookies cannot be used by themselves to identify you.

While we do not store personal information in cookies, we do use Google Analytics, who set cookies to track repeat visits to our website. We use this tool to tell us how our website is being used and how we can improve the user’s experience of it. We may also include content from third party websites, such as YouTube videos, which may use cookies. We do not use cookies that track your web usage after you have left www.crosslinks.org. If you do not wish to receive cookies you can easily modify your web browser to refuse cookies or to notify you when you receive a new cookie.

Your rights

You are in control of how your information is used and we want to ensure that the data we hold for you is accurate. Under the GDPR and Data Protection Act 2018, you have the following individual rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

If you have any concerns about the data we hold or how we process it, please contact the Data Protection Officer using the information below. Please note that we will ask for proof of your identity before providing you with any personal data.

If you are unhappy with any service we provide, you can file a complaint by letter or email to our Data Protection Officer using the details below. If your issue is not resolved, you have the right to contact the Information Commissioner’s Office: www.ico.org.uk

Updating your information and preferences

If you have any questions about this policy, or would like to change the information or preferences we hold for you, please contact us using the following details:

Email contact@crosslinks.org
Phone 020 8691 6111
Post 251 Lewisham Way, London SE4 1XF

This policy is effective from July 2020 and will be reviewed on an annual basis. We may make changes from time to time, but if there are any significant changes to this policy we will let you know by an appropriate means of communication.